 | ||||
| PRODUCTS | COMPANIES | EDITORIAL | CLASSIFIEDS | |
| ||||
| ||||
|
|
|
|
Ethernet Hubs, Switches and Routers | |
| ||
|
||
| ||
|
||
| ||
|
||
| ||
|
Last month we looked at IP Addressing and how to setup a small network using a subnet mask. The network address, combined with the subnet mask define the size of the network and the usable addresses. The network address is a string of 0s and 1s followed by a continuous block of 0s. The subnet mask is a continuous string of 1s followed by a continuous block of 0s. The block of 0s in the network address and the subnet mask must be same size. Focusing on that continuous block of 0s, the first address (all 0s) is the network address, and should not be used on a machine (host). The last address (all 1s) is the broadcast address, which should not be used on a host, but instead is used to reach all hosts on the network. All other addresses in that range can be used as addresses for individual hosts.
Connecting hosts can be done simply by using a crossover cable (receive pins to transmit pins). A better way, and one that allows for additional distance and additional connections, is to use a hub. Hubs create a common bus. Anything on one port is given to all ports. If four hosts are connected to each other through a hub, when one host transmits all other hosts must receive, even though only one of the hosts will actually use the packet. This limits the overall amount of traffic that can pass through the network, but can be handy for troubleshooting. Switches are a bit smarter. Each Ethernet NIC (Network Interface Card) has a unique MAC (Media Access Control) address. Switches maintain a table of MAC addresses and port numbers. Packets traversing the network contain addressing information and user data. The switch reads the address and remembers what port it came from. It then checks its table to see where to send it. If the destination MAC address is not in the table, the packet is sent to all ports. When the packet arrives at the destination, a receipt packet is returned to the sender, which allows the destination address to be added to the internal table. In very short order, the switch knows the address of every host on the network and which port it is connected to. Packets can then be switched directly from one port to another without impacting the rest of the network. In the 4 machine example, this would nearly double the available bandwidth, as two pairs of machines could communicate simultaneously. Routers do more than simply switch, they designed to move traffic between networks. Routers are capable of looking deeper into packets and then applying sophisticated rules to the traffic as it moves though the network. For example, a host (192.168.1.1) on the 192.168.1.0/29 network has no way to get to a host (192.168.1.1) on the 192.168.1.8/29 network, even though they may be connected to the same switch. This is because the only way to get from one network to another is through a router that has known routes to/from both networks. Within the router is a route table that defines what traffic can be accepted and where it can be forwarded to. Routes must be established in both directions to establish communications, but the routes do not have to be symmetrical. Typically, one host on each network is a router that serves as a gateway to all non-network addresses. The router address is normally stored as the default gateway address in the host. The router has rules that might allow http (port 80) traffic between the two networks above, but to prevent non-http file transfers, ftp (ports 20 and 21) may be disallowed. Most routers have some firewall capability so that unauthorized traffic can be dumped. For instance, if the 192.168.1.1/29 address above was the gateway for that network and it received a packet from the 192.168.1.x network, but the packet showed an address of 192.168.2.24, it could be dumped because that address is obviously being spoofed from inside the network. Careful network design can prevent heavy traffic (media files) from disrupting business operations (accounting and payroll). It can also be used to improve security across the network by limiting traffic on network segments to only the traffic that needs to be there. |
|
|
|
|
|
|
|
